Web 3.0 returns control of personal information to users

Who controls the Internet? The U.S. government primarily, along with a handful of humongous telecommunications companies and Internet services.

Who owns the personal information you supply to Internet services? If you ask the services, they'll tell you that they own it. After all, you gave it to them voluntarily in exchange for your use of the services. Fair exchange?

A small army of tech workers -- mostly volunteers -- are in the process of changing the answer to both of those questions. Who will own the next iteration of the Internet? Nobody and everybody. Who will own the personal information you share online? You will.

How will they pull off this trick? By creating a private version of the Internet that uses the Internet's spare parts. They are distributing free software to create peer-to-peer networks of computers. The networks are private because they encrypt all data when it is communicated and where it is stored. Governments, telcos, ISPs, and anyone else not invited to join the networks can't access the information transmitted over and stored on them.

Step one: Proving the concept

In the grand tradition of numbering generations of technology, these private networks are referred to as "Web 3.0" by some of their creators. Vinay Gupta, who is one of the developers creating the Ethereum private network, describes Web 1.0 as static websites, and Web 2.0 as interactive social media. In Web 3.0, users store and control their information anonymously on decentralized, uncensorable networks.

The Spectator's Jessie Bartlett describes Ethereum in a March 28, 2015, article as free, open-source software that creates strongly encrypted peer-to-peer networks. "Peer-to-peer" means the data on the network is distributed for storage on various nodes throughout the network. "Strong encryption" means the data on the network can't be accessed without the decryption key.

Put the two together and you have a network that locks out everyone who hasn't been allowed in explicitly. Your social media, online storage, and other web services are shared only with the participants you choose. More importantly, your information is recorded in a public chronological database that establishes your rights against "copying, tampering, fraud or deletion." The database uses block chains similar to those used as the basis for bitcoins and other digital currencies. This protects the data while maintaining its anonymity.

Private networks such as Ethereum aren't likely to be used widely anytime soon. At present, they represent a blueprint for re-establishing our expectation of privacy for personal digital data. For example, when you send a letter by mail, you expect that only the recipient will access its contents. Today, the default setting for all online information is to consider it public -- despite claims by Internet services and government that they honor your privacy. We all know there is no such thing as private information on the public Internet.

Private networks change the default setting to consider the information private. What's revolutionary about private networks is that they are outside of the control of the government -- in principle if not in fact. Likewise, they prevent Google, Facebook, and other web services from collecting and monetizing your personal information, at least directly.

As The Spectator's Bartlett points out, other peer-to-peer networks that have been tried in recent years met with limited success. What's different now is the increased demand for privacy protections. Also, people realize they can save money when making online purchases by excluding the cut that now goes to third parties, such as Amazon and Google. Bartlett closes by stating that private networks such as Ethereum are inevitable. The only question is how long it will take for them to arrive.

-------------------------------------------------------------

No such thing as a 'right to be forgotten'

Not long ago, a resident of Spain wanted Google to remove links to information related to his past financial troubles. The European court ruled that Google has to allow people to request similar removals of disparaging but accurate information. Now people are talking about extending this right to U.S. citizens.

To which I say "Phooey!"

First, Google merely removes links to the sources of information you want to erase from the Internet. The information's still there, and it could be discovered -- at least in theory -- via other methods.

But more importantly, you can't rewrite history. That was what Big Brother was doing in George Orwell's 1984, right? "If you control the past, you control the present." What gives you the right to attempt to control the past?

This sentiment was the consensus of attendees at a recent debate in New York City on whether the U.S. should follow the lead of the European Court of Justice in allowing individuals to demand negative (but accurate) information about them be removed from search results. Fortune's Jeff John Roberts reports on the event in a March 12, 2015, article.

The best defense against such disparaging information is to counter it with positive information. With time and effort, you'll reclaim your reputation. (Of course, if the disparaging information is untrue and damaging, you have a duty to seek reparations -- but not from Google. Look for your remedy from the source of the defaming information.)

----------------------------------------------------------------

Web video service isn't liable for sharing customers' viewing history without permission

So this company sells a customer's 64-digit Android phone ID and video-viewing history without permission to a targeted ad network. Then the ad network ties the ID to information from another source to determine the customer's name. The customer claims this is a violation of the Video Privacy Protection Act of 1988, which was enacted in the wake of Judge Robert Bork's failed nomination to the U.S. Supreme Court. During Bork's nomination process, a newspaper acquired the nominee's rental history from a video store (remember those?)

The U.S. District Court dismissed the suit with prejudice for failure to state a claim. (Ellis v. The Cartoon Network, Inc., U.S. Dist. LEXIS 143078, at *9 (N.D. Ga. Oct. 8, 2014)). On March 2, 2015, defendant Cartoon Network filed its response brief requesting that the Eleventh Circuit Court of Appeals affirm the district court's dismissal, as Jessica Nwokacha writes in a March 25, 2015, post on the JD Supra Business Advisor site.

Mark Ellis, the plaintiff, points to the statute's interpretation of personally identifiable information as any where "the recipient of a disclosure understands to whom the information refers." Ellis argues that information such as the Android ID is actually more identifying than a name because names are often shared by several people, whereas an Android ID is unique to an individual.

Nwokacha states that our mobile viewing histories become more valuable as our use of mobile phones increases. Depending on outdated statutes such as the Video Privacy Protection Act to prevent misuse of our mobile data is tantamount to having no protections at all.

Treating ISPs as common carriers will broaden the definition of 'personal info' -- someday

Once Internet services are subject to the restrictions of common carriers under the Section 222 of the Telecommunications Act of 1996 (47 U.S.C. § 222), the Android ID at issue in Ellis v. The Cartoon Network may qualify as "customer proprietary network information" under Section 222. That would limit how services can use, disclose, and share such personal information, as Mark Brennan writes in a March 25, 2015, post on the Hogan Lovells site.

However, the FCC intends to give Internet services a pass on Section 222, claiming that the statute was intended for voice communications, so its definition of personal information doesn't apply to Internet services. The agency is expected to develop new rules applying Section 222 to information collected and stored on the Internet.